SWIFT and the Boston Consulting group release new information paper on evolving cybersecurity threats in India
In recent years, the financial community in the Indian subcontinent has fallen victim to substantial wire frauds. External and internal malicious actors have successfully compromised the operating environment of the banks, stealing or misusing SWIFT operator credentials, executing fraudulent transactions and obfuscating the attacks. In response, the Reserve Bank of India has introduced strict operating controls, imposing fines in cases of non-compliance, and continues to audit and monitor SWIFT channel operations. The threat of cyberattacks on banks and their critical channel infrastructure, including SWIFT, is persistent and increasingly sophisticated.
The new information paper provides a summary of recent SWIFT threat intelligence, explaining the recent evolutions of cyber threats and the patterns financial institutions can use to improve their transaction monitoring. It also describes key developments in the SWIFT Customer Security Programme (CSP), including:
- the Customer Security Control Framework (CSCF) v2019, which will uplift the controls required in the operating environment of SWIFT users;
- the Payments Control Service (PCS), a zero-footprint, in-network screening utility which offers a last line of defence in the event your operating environment is compromised;
- quality and timely data for reconciliation to enable timely detection and response to active attacks; and
- SWIFT messaging infrastructure features to strengthen multi-factor authentication and integration with enterprise authentication systems.
The report also includes BCG analysis of RBI data setting the scene of an increasingly digital industry put under pressure by cybersecurity.
Along with an aggressive regulatory agenda, pressing demands from domestic consumers, and continuing competition from incumbents and new home grown & foreign entrants have set a fast-paced roadmap for digitisation in financial services. While short and medium term challenges remain, digitisation will be a key enabler for India to achieve its forecasted 7.6% GDP growth in 2019-20 FY, putting it ahead of its BRICS counterparts.
Cybersecurity poses a significant threat to this roadmap. IT and operations executives at financial institutions should instil a culture and discipline of security while mindfully enabling the enterprise with new digital capabilities to combat looming threats. SWIFT is committed to supporting our community in responding to persistent threats targeting our community in the Indian subcontinent and globally.
As cyberattacks are growing more complex and sophisticated, financial institutions must remain ahead of the curve and have adequate cybersecurity processes in place. In this context, information sharing is critical: the more information the community will be able to share, the better prepared the industry will be to face new attacks.